Forgot your password?
typodupeerror
Security Transportation IT

New Cars Vulnerable To Wireless Theft 280

Posted by timothy
from the unauthorized-driver-detected dept.
tkrotchko writes "In a story published by Technology Review, researchers have demonstrated multiple times that they can bypass the security of wireless entry and ignition systems to take a car without the owner's permission. As researchers in the article point out, car security systems will begin have a real impact to every day use if a thief can simply walk up to your car and drive it away. Although this article is light on technical details, a companion article shows how the researchers accomplished the security bypass. An interesting read, and certainly something that will no doubt be the subject of a new movie any day now."
This discussion has been archived. No new comments can be posted.

New Cars Vulnerable To Wireless Theft

Comments Filter:
  • Duhhhh (Score:5, Insightful)

    by phantomcircuit (938963) on Thursday January 06, 2011 @05:26PM (#34782990) Homepage

    I'm sure pretty much anybody who even remotely understands anything about tech saw this one coming.

  • Re:Already on TV (Score:0, Insightful)

    by Anonymous Coward on Thursday January 06, 2011 @05:42PM (#34783238)
    He was probably referring to the summary: "and certainly something that will no doubt be the subject of a new movie any day now."
  • Re:Ross Anderson (Score:5, Insightful)

    by fuzzyfuzzyfungus (1223518) on Thursday January 06, 2011 @05:46PM (#34783304) Journal
    The problem with the manufacturer's view(banks seem to approach ATM skimmers with the same naivete) is that it only takes somebody with technical skills to do the actual cryptoanalysis, followed by some opportunist with a shady supply chain to "productize" the hack into something that you'll be able to buy over the internet for a few hundred or thousand dollars and operate with about as much difficulty as the average MP3 player...

    Obviously, if every thief had to make his own tools, the intersection between people who can analyze novel(if flawed) cryptosystems and then build attack hardware that puts out sufficiently clean RF output exploiting whatever vulnerabilities exist and the people who steal cars for a living is pretty much zero. Stealing cars just isn't lucrative enough, unless times are very hard for engineers of reasonable talent.

    That isn't the way it works, though. The guys doing the break-n'-grab are just peons using tools created by others(apparently, with ATM skimmers, there are even "franchise" style setups, where you get access to the hardware in exchange for uploading a percentage of your skims to your sponsor...) And, building sophisticated electronic tools is a perfectly fine business, definitely worth the time of talented people, particularly ones in locales with weakish rule of law and relatively low local wages...

    Analyzing a system's security by saying "eh, how many carjackers are cryptoanalysts?" is sort of like dismissing the risks of a bad neighborhood by saying "Eh, how many muggers are machinists and gunsmiths?" It is true that the answer is "Not many, possibly zero"; but that won't exactly keep you from getting shot.

The first Rotarian was the first man to call John the Baptist "Jack." -- H.L. Mencken

Working...